CAS, css and include images pb

Jehan PROCACCIA Jehan.Procaccia at int-evry.fr
Mon Oct 16 12:20:50 EDT 2006 

jehan procaccia wrote:
> Scott Battaglia wrote:
>
>   
>> I would guess you need to move your images and CSS out of the 
>> directory protected by CAS.  But I'm not too familiar with that CAS 
>> client.
>>     
>
>   
I find a simple workaround, but I'am not sure if it's secure ?
I add a "satify any" to the template directory, so I suposse that any 
file access to that directory doesn't need anymore a CAS auth , and 
apparently that's enough to get the css that images showing up  :-) . 
Now I'am not certain that it is the best way to solve my pb ?

<Directory /var/www/html/svnview/templates>
 Order Allow,Deny
 Allow from all
 satisfy any
</Directory>
<Directory /var/www/html/svnview>
 AuthType CAS
 AuthName "INT auth"
 Require valid-user
</Directory>

logs do show 200 http results now :-)

157.159.50.197 - - [16/Oct/2006:18:18:59 +0200] "GET 
/svnview/?ticket=ST-62423-O3b0vHEprqzSrWa003SM HTTP/1.1" 200 3285 "-" 
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060614 
Fedora/1.5.0.4-1.2.fc5 Firefox/1.5.0.4 pango-text"
157.159.50.197 - - [16/Oct/2006:18:19:00 +0200] "GET 
/svnview/templates/BlueGrey/styles.css HTTP/1.1" 200 2142 
"http://share.int-evry.fr/svnview/?ticket=ST-62423-O3b0vHEprqzSrWa003SM" 
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060614 
Fedora/1.5.0.4-1.2.fc5 Firefox/1.5.0.4 pango-text"
157.159.50.197 - - [16/Oct/2006:18:19:00 +0200] "GET 
/svnview/templates/BlueGrey/collapse.js HTTP/1.1" 200 4859 
"http://share.int-evry.fr/svnview/?ticket=ST-62423-O3b0vHEprqzSrWa003SM" 
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060614 
Fedora/1.5.0.4-1.2.fc5 Firefox/1.5.0.4 pango-text"
157.159.50.197 - - [16/Oct/2006:18:19:00 +0200] "GET 
/svnview/templates/BlueGrey/subversion.png HTTP/1.1" 200 4094 
"http://share.int-evry.fr/svnview/?ticket=ST-62423-O3b0vHEprqzSrWa003SM" 
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060614 
Fedora/1.5.0.4-1.2.fc5 Firefox/1.5.0.4 pango-text"

thanks.
> Yes that could be a workaroud, but I thought that there was a well known 
> solution ...?
> Anyway I tried your workaround, setting no CAS auth in the template 
> subdir where css and images are located for that SVNview (simple php 
> application), but no way, css and images still don't show up :-( .
>
> <Directory /var/www/html/svnview/templates>
>  Order Allow,Deny
>  Allow from all
> </Directory>
> <Directory /var/www/html/svnview>
>  AuthType CAS
>  AuthName "INT auth"
>  Require valid-user
> </Directory>
>
> 82.230.22.244 - - [15/Oct/2006:12:40:37 +0200] "GET 
> /svnview/index.php?ticket=ST-60320-gToFH54pPfSXP6UOEt3M HTTP/1.1" *200* 
> 3285 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.7) 
> Gecko/20060909 Firefox/1.5.0.7"
>
> 82.230.22.244 - - [15/Oct/2006:12:40:37 +0200] "GET 
> /svnview/templates/BlueGrey/styles.css HTTP/1.1" *302* 369 
> "http://share.int-evry.fr/svnview/index.php?ticket=ST-60320-gToFH54pPfSXP6UOEt3M" 
> "Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.0.7) Gecko/20060909 
> Firefox/1.5.0.7"
>
> No one has ever had that problem ?
> thanks.
>
>
>
>
>   
>> -Scott
>>
>> On 10/13/06, * Jehan PROCACCIA* <Jehan.Procaccia at int-evry.fr 
>> <mailto:Jehan.Procaccia at int-evry.fr>> wrote:
>>
>>     I had this problem once, but cannot remember how I resolved it, I
>>     don't
>>     find the reponse in the archive neither :-(
>>
>>     on a casified <Directory>  everything works fine except that pages
>>     that
>>     contains images and css cannot load them. indeed in the logs I see an
>>     200 http code for the page itself with a cas ticket, and a 302 without
>>     ticket for the css and images:
>>
>>     *MailScanner warning: numerical links are often malicious:*
>>     157.159.50.197 <http://157.159.50.197> - - [12/Oct/2006:13:58:31
>>     +0200] "GET
>>     /svnview/listing.php?repname=s2ia&path=/&sc=0&ticket=ST-57395-0CoFHX076D8BjUvpxRcH
>>
>>     HTTP/1.1" 200 7030
>>     *MailScanner warning: numerical links are often malicious:*
>>     157.159.50.197 <http://157.159.50.197> - - [12/Oct/2006:13:58:31
>>     +0200] "GET
>>     /svnview/templates/Standard/styles.css HTTP/1.1" 302 371
>>
>>     The page finally show in the browser without css formating and no
>>     images
>>     :-( .
>>     How can I correct that.
>>
>>     Thanks.
>>     _______________________________________________
>>     Yale CAS mailing list
>>     cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
>>     http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>  
>>
>>     
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>

More information about the cas mailing list